devtools: Prevent crash when inspecting devtools:// page

Only in a debug build we can enter in the branch "content::hasWebUIScheme" (:758) if the scheme is either "chrome://" or "devtools://". Later, constructing the WebURILoader (in :772 before the patch), there is the assumption that the uri scheme is always kChromeUIScheme. This was causing me crash of devtools while I was trying to open it on a page under "devtools://devtools/...". The crash was generated by web_ui_url_loader_factory.cc:254, where `scheme_` was "chrome", while `request.url.scheme()` was "devtools" Change-Id: If02ea147d494ed64c7f7dc560095f223c11f7dfa Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1687408 Commit-Queue: Nicolò Mazzucato <nicomazz@google.com> Reviewed-by: Andrey Kosyakov <caseq@chromium.org> Reviewed-by: Eric Seckler <eseckler@chromium.org> Cr-Commit-Position: refs/heads/master@{#676911}

devtools: Prevent crash when inspecting devtools:// page
Only in a debug build we can enter in the branch "content::hasWebUIScheme" (:758) if the scheme is either "chrome://" or "devtools://". Later, constructing the WebURILoader (in :772 before the patch), there is the assumption that the uri scheme is always kChromeUIScheme. This was causing me crash of devtools while I was trying to open it on a page under "devtools://devtools/...". The crash was generated by web_ui_url_loader_factory.cc:254, where `scheme_` was "chrome", while `request.url.scheme()` was "devtools" Change-Id: If02ea147d494ed64c7f7dc560095f223c11f7dfa Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1687408 Commit-Queue: Nicolò Mazzucato <nicomazz@google.com> Reviewed-by: Andrey Kosyakov <caseq@chromium.org> Reviewed-by: Eric Seckler <eseckler@chromium.org> Cr-Commit-Position: refs/heads/master@{#676911}
04d24fc9 · Nicolò Mazzucato · Commit Bot · abcfa634 · 04d24fc9
Commit 04d24fc9 authored Jul 12, 2019 by Nicolò Mazzucato Committed by Commit Bot Jul 12, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 5 deletions

chrome/browser/devtools/devtools_ui_bindings.cc chrome/browser/devtools/devtools_ui_bindings.cc +7 -5

No files found.
--- a/chrome/browser/devtools/devtools_ui_bindings.cc
+++ b/chrome/browser/devtools/devtools_ui_bindings.cc
@@ -756,11 +756,12 @@ void DevToolsUIBindings::LoadNetworkResource(const DispatchCallback& callback,
        nullptr /* shared_cors_origin_access_list */);
    url_loader_factory = file_url_loader_factory.get();
  } else if (content::HasWebUIScheme(gurl)) {
+    content::WebContents* target_tab;
 #ifndef NDEBUG
-    // In debug builds, allow retrieving files from the chrome:// scheme
+    // In debug builds, allow retrieving files from the chrome:// and
-    content::WebContents* target_tab =
+    // devtools:// schemes
-        DevToolsWindow::AsDevToolsWindow(web_contents_)
+    target_tab = DevToolsWindow::AsDevToolsWindow(web_contents_)
-            ->GetInspectedWebContents();
+                     ->GetInspectedWebContents();
    const bool allow_web_ui_scheme =
        target_tab && content::HasWebUIScheme(target_tab->GetURL());
 #else
@@ -770,7 +771,8 @@ void DevToolsUIBindings::LoadNetworkResource(const DispatchCallback& callback,
      std::vector<std::string> allowed_webui_hosts;
      content::RenderFrameHost* frame_host = web_contents()->GetMainFrame();
      webui_url_loader_factory = content::CreateWebUIURLLoader(
-          frame_host, content::kChromeUIScheme, std::move(allowed_webui_hosts));
+          frame_host, target_tab->GetURL().scheme(),
+          std::move(allowed_webui_hosts));
      url_loader_factory = webui_url_loader_factory.get();
    } else {
      base::DictionaryValue response;